Remote  Testing 
Has  Been  Around 
for  Years...  But 
Never  Like  This. 

Introducing  Comdisco  Remote  Testing 


With  the  most  extensive  network  of  regional  Recovery  Centers  in 
North  America,  we've  always  paid  close  attention  to  convenience 
and  cost  efficiency  on  behalf  of  our  customers.  With  CRT  ", 
we  re  making  disaster  recovery  activity  more  economical  than 


State-of-the-art  CRT  options  extend  the  reach  of  our  Hot  Sites, 
letting  you  test  your  contingency  plan  from  your  own  office,  in  any 
location,  at  the  keyboard  of  your  own  3270  or  PC. 

The  benefits  are  substantial.  CRT  lets  you  avoid  the  cost  of 
travel,  meals  and  lodging  for  a  significant  number  of  your 
personnel.  In  a  test  mode,  or  during  an  actual  disaster,  three 
different  CRT  options  get  you  into  the  CDRS  Recovery  Network — 
without  necessarily  having  to  go  there. 


►mra/to 


Comdisco  Disaster  Recovery  Service 


SECURITY 


in  focus 


A  NEW  VIGILANCE  Security  has  become  a  burning  issue  for  executives  at  all  levels.  MIS  has 

waged  a  long  campaign  to  convince  top  management  that  securing  the  data  center  is  not  just  impor¬ 
tant  to  business  —  it  is  critical.  And  the  selling  job  may  be  paying  off.  Yet  the  flip  side  of  extra 
security  measures  may  mean  a  heavier  work  burden  for  MIS.  By  Stan  Kolodziej.  Page  20. 

SECURITY  IN  THE  FIRST  DEGREE  The  range  of  options  available  to  secure  an 

organization’s  systems  has  broadened.  Yet  matching  the  right  solution  to  the  right  problem  remains 
a  great  challenge  for  MIS.  Read  about  the  simple  and  sophisticated  products  on  the  market  to  help 
you  with  your  security  concerns.  By  Michael  Tucker.  Page  17. 

TINKER,  TAILOR,  NETWORK  SPY  Keepingcommunicationsnetworksoutof 

harm’s  way  demands  a  blend  of  technology  and  education.  There  is  no  one  system  that  can  keep  an 
entire  network  safe;  net  security  should  be  built  on  a  number  of  roadblocks  that,  together,  turn 
away  threats.  By  John  Vacca.  Page  41. 


Are  you  doing  anything? 

By  Toni  B.  Fish.  A  Big  Eight  firm’s 
security  survey  revealed  that  while 
corporate  recognition  of  the  impor¬ 
tance  of  security  is  growing,  a  large 
gap  still  exists  between  awareness 
and  implementation.  Page  23. 

insider  crimes  threaten 

By  Martin  Nabut.  Security  in  an  or¬ 
ganization  depends  on  the  integrity 
and  training  of  employees.  Here’s 
how  you  can  protect  your  company 
from  itself.  Page  25. 

Site  uptime  management 

By  Kenneth  Brill.  MIS  should  prac¬ 
tice  uptime  procedures  before  a  ca¬ 
lamity  strikes.  Page  33. 

Too  much  security 

By  Rebecca  Hurst.In  these  cost-ef- 
ficient  times,  learn  how  to  trade  off 
providing  enough  security  against 
cost  and  usage.  Page  37. 

Justice  and  data  for  all 

By  Rebecca  Hurst.  When  the  gov¬ 
ernment  tried  to  suppress  informa¬ 
tion  it  deemed  "sensitive  but  un¬ 
classified.”  information  managers 
did  not  take  this  censorship  lying 
down.  Page  45. 

Is  it  in  the  bank? 

By  Robert  Dratch.  Banks  have  been 
at  the  forefront  of  the  data  security 
push,  especially  since  the  advent  of 
sophisticated  electronic  exchange 
systems.  Find  out  how  safe  your 
money  really  is.  Page  49. 


Disaster  recovery 

The  disaster  recovery  field 
|  has  become  big  business 
and  big  money.  No  wonder; 
the  financial  fallout  after  a 
disaster  can  be  grave  in¬ 
deed.  Senior  Editor  Stan 
Kolodziej  talks  to  MIS  man¬ 
agers,  consultants  and  di¬ 
saster  survivors  about  pre¬ 
ventative  measures  and 
coping  strategies  should 
DP  operations  screech  to  a 
halt.  Begins  on  page  27. 

Illllllllllllll 


From  the  Editor 

Including  your  letters  to  us.  Page  5. 

QandA 

A  disaster  survivor’s  tips.  Page  6. 

Commentary 

Sanford  Sherizen,  criminologist,  on 
how  to  think  like  a  thief.  Page  8. 

Manager’s  Corner 

Jim  Young  on  measuring  end-user 
computing’s  success.  Page  11. 

News  &  Analysis 

Update  on  fault  tolerance,  Tempest 
and  data  shredders.  Page  13. 

Products 

PC  hard-disk  security,  data  safes 
and  the  Hot  Seat  column.  Page  51. 

Blue  Beat 

Deidre  Depke  on  raising  vendors' 
security  consciences.  Page  51. 

Calendar 

Industry  events.  Page  59. 

The  Insider 

Thomas  Roberts  on  personal  com¬ 
puter  security.  Page  60. 

LogOff 

The  lowdown  on  the  chance  of  di¬ 
sasters  in  data  centers.  Page  60. 
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panies  promise  to  give  you  what  you  need  at 
iblem.  What  you  reaUy  need  is  often  beyond 


■r workgroup  and  into  the  c<  >m- 

pfa^tion.  So,  instead  of  \vi  trking 
S.||starts  with  a  full  range  c >f 
iprinters  and  storage  devices. 
Sfcqmputers  and  multi-user 
yoyr  workgroup,  you  can 

m  tie  into  the 

share  the  same  software  and  files.  You  can  gain  access  to  all  the  compute  power 
and  resources  of  the  workgroup  transparently  with  our  Local  Area  VAXcluster" 
software.  Using  our  new  VAXmare”  personal  computers,  you  can  run  industry- 
standard  PC  software  on  the  network.  And  with  our  local  and  wide-area  net¬ 
working  capabilities,  you  can  link  to  anyone,  anywhere,  on  any  system. 

Digitals  Networked  Desk.  Why  work  in  isolation  any  more?  Call  your 


WITHOUT  DAOA  GENERAL,  INTEGRATING  YOUR 
SYSTEMS  IS  LIKE  MIXING  OIL  AND  WATER. 


BUSI^SSALJTOM^IOmALK  TO 
DATA  GENERAL. 

grate  all  its  resources,  lllfanately  Wending  people,  departments, 
data  and  computer  systems  together. 

Data  General's  Business  Automation  Systems  integrate  all 
these  vital  elements.  Which  gives  your  company  one,  accessible 
information  flow. 

Our  industry-leading  CEO®  software  gives  you  the  most 
integrated  business  automation  essentials.  With  spreadsheets. 
Graphics.  Decision  support.  Tools  that  help  you  make  faster,  bet¬ 
ter  informed  business  decisions. 

Then  we  take  you  further.  By  letting  you  integrate  your  exist¬ 
ing  applications. 

Our  communications  story  is  second  to  none.  We  give  you 
the  most  complete  IBM  compatibility.  We  also  adhere  to  industry 
standards  iike  Ethernet®  and  X.25. 


So  our  business  automation  solutions  integrate  all  levels  of 
your  company.  From  PC’s  to  mainframes.  And  from  the  next 
room  to  the  next  continent. 

Our  MV/Family  systems  lead  the  industry  in  price/ 
performance.  And  give  you  a  low  cost  of  ownership,  along  with 
service,  training  and  support. 

Today,  over  165,000  CEO  users  have « 
grated  business  automation.  To  create  the 
for  your  business  systems,  talk  to  Data  General.  Call  1-800- 
DATAGEN  (Canada  call  1-800-268-5454.)  Or  write:  Data  Gener. 
4400  Computer  Drive,  MS  C-228,  Westboro,  MA  01580. 


i  w  Data  General 

a  Generation  ahead 
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EDITORIAL 


Better  safe 
than  sorry 


A  breach  in  your  organization's  computer 
security  is  an  accident  waiting  to  happen. 
Although  the  realization  of  the  need  for 
security  is  growing,  not  enou^i  action  is 
taking  place.  In  the  story  on  page  23 
detailing  a  recent  Ernst  &  Whinney  survey. 
87%  of  the  respondents  recognized  the  increasing  importance  of 
security  issues,  but  only  6%  felt  their  companies  were  adequately 
protected.  And  a  Focus  survey  of  MIS  managers  on  page21 
showed  similar  results. 


Good  intentions  are  obviously  not  enough.  It  is  easy  to 
underestimate  how  integral  computers  and  the  information  they  hold 
have  become  to  businesses.  Figures  show  that  the  cost  of 
interrupted  DP  services  due  to  water  damage  for  a  large  insurance 
company  would  be  $275,000  per  day;  interrupted  services  for  a 
major  airline  could  cost  it  $20,000  per  minute!  Disaster  recovery, 
this  month’s  Special  Section  topic,  has  become  a  big  market. 

And  threats  to  security  do  not  always  come  from  without  Hackers 
may  get  the  headlines,  but  the  majority  of  data  theft  is  perpetrated  by 
insiders.  Computer  security  has  become  a  people  problem  because 
the  best  security  devices  and  procedures  in  the  world  won't  protect 
against  carelessness  by  management  and  employees.  Businesses, 
unsure  of  legal  protections,  don't  want  to  admit  to  the  public  or  their 
competitors  that  they  are  vulnerable  to  tampering  and  usually  keep 
news  of  computer  crimes  under  wraps.  It  will  take  a  massive 
education  effort  —  spearheaded  largely  by  MIS — to  goad 
management  and  employees  into  turning  this  situation  around. 

However,  as  MIS  emphasizes  the  importance  of  data  security 
practices,  it  shouldn't  make  the  systems  too  difficult  to  use.  MIS 
should  weigh  the  issues  and  make  trade-offs  between  security 
protection  and  end-user  computing.  For  example,  Has  the  system 
become  so  secure  and  unapproachable  that  people  are  bypassing  it? 
Does  every  company  or  department  need  the  same  set  trf stringent 
safety  requirements?  Has  the  cost  exceeded  the  value  of  the 
information  involved?  The  need  for  protection  has  never  been 
greater,  and  it's  up  to  MIS  to  achieve  a  secure  yet  effective  system. 


Big  Blue  will  sell  no 
product  before  its  time 

1  was  startled  at  Amy  Wahl's  contention  [CW Fo-  | 
cus,  March  4]  that  IBM  is  "too  big  and  too  struc-  i 
I  tured  to  be  very  flexible;  whatever  it  has  decided  | 
todo. . .  was  decided  a  long  time  ago.  '' 

develop  hardware  and  software  products  in  paral-  i 
lei,  and  the  Golden  Boys  (as  1  call  the  members  of 
its  management  committee)  only  need  to  choose  | 
among  the  alternatives  at  the  last  moment. 

IBM  can  afford  to  put  the  plans  for  a  product 
on  the  shelf  until  those  Golden  Boys  decide  the 

An  example  of  the  parallel 
strategy  is  the  advent  of  the  360 
in  1964,  when  alternatives  like 
the  7095  were  kept  alive  until  a 
few  days  before  the  unveiling. 

An  example  of  the  shelving 
strategy  is  the  Select nc  type- 

months  until  the  time  was  judged 
right  to  announce  it. 

Herbert  RJ  Grosch 
Association  for  Computing  Machinery 

A  closer  link  sought  between 
the  classroom  and  workplace 

In  a  letter  in  the  January  issue  of  Computerworld 

|  that  his  education  lacked  hands-on  training  and 
left  him  ill  prepared  to  find  employment.  The  stu- 


I  classroom  and  the  workplace 


Philip  A.  Clement 
President 
Devry  Institute  of  Technology 


IBM’s  secret  weapon  to  shake 
crowded  System/36  market? 

I  recently  read  "Is  IBM  In  The  PC  Business?"  \ 
j  [CW Focus.  March  41and  have  a  few  comments: 

•  IBM  made  a  strategic  blunder  when  it  opted 
for  third-party  components  to  make  the  Personal  I 
Computer.  This  move  got  the  PCs  to  market 
quickly,  but  the  long-term  effects  have  been  to 
show  customers  that  a  computer  can  function  ef¬ 
fectively  without  those  three  little  letters. 

•  We  see  plug-compatible  machines  at  both 
the  low  and  high  ends  of  the  computer  spectrum, 
and  shortly  many  manufacturers  will  attack  the 
System/36  market 

profitable  days  of  yesteryear,  it  must  leverage 
proprietary  hardware  and  software.  I  predict  that 
one  of  IBM’s  next  moves  will  be  to  enhance  the 
PC  with  a  version  of  IBM's  System/36  multiuser 
,  operating  system  —  SSP  —  giving  it  RPG-II  ca-  | 
pabilities.  retaining  DOS  and  providing  a  simple 
and  logical  growth  path  for  the  user. 

Vice-President 
National  Computer  Solutions.  Inc 
Huntington  Station.  N.  Y. 
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Connie  Brock 

Once  burned,  twice  shy:  A  disaster  survivor  offers 
advice  on  how  to  safeguard  your  DP  operations. 


their  disaster  recovery  plans.  ly  defined  minimum  levels  of  operation 

and  if  recovery  time  frames  are  still  work- 
Is  there  enough  awareness  now  able.  The  bask  thrust  is  to  see  if  the  plan 
about  the  importance  of  disaster  is  still  current  and  still  works. 

There's  much  more  awareness  than  there  with  a  pretty  good  disaster  recovery  plan 
was  five  years  ago.  but  I  don't  think  it's  but  let  it  fall  by  the  wayside  because  they 
adequate  yet.  The  trick  is  for  companies  don't  put  the  resources  into  an  ongoing 
to  correctly  identify  whkh  of  their  busi-  maintenance  program.  If  you  do  it  your- 
ness  operations  are  the  critical  ones  that  self,  you  build  expertise  and  awareness. 


Just  one  free  call 
can  start  your  computer 
disaster  recovery 


SUNGARD 

1-800/523-4970 


Ihlk  is  cheap. 


Micro /Mainframe  Communications 
Complete  BiueLynx  Package  from  $695 

PC  to -system  communications  don't  have  to  be  expensive  to  be 
effective  All  you  need  is  Bluelynx  to  make  your  network  more  flexib 
and  versatile.  With  Bluelynx  you  get  results,  without  the  high  pnce  ti 

BlueLynx  5251-11: 

•  Menu  configurable  5251  and  •  7LU  support 

5291/5292  display  support  •  Fast  HOT  KEY  to  DOS 

•  IBM  API  compatability  on  each  LU  •  International  and  Enhana 
■  5224, 5225  and  5226  pnnter  support  PC  keyboard  support 

BiueLynx  II 3270: 

•  Emulation  of  the  3274/76  •  Fast  HOT  KEYS  to  DOS 

remote  controller  with  5LU  support  •  Configurable  attnbutes 

•  Menu  configuration  of  3278/3279  •  Screen  timeout  value 

display  and  3287  pnnters  .  Integrated  line  monitor 

•  Configurable  print  strings  provides  online  diagnostic 

BiueLynx  2780/3780: 

•  RJE  and  PC-to-PC  communications  at  speeds  of  19.200  bps 

•  Set-up  &  options  are  handled  from  main  menu 

•  Automatic  and  unattended  transfer  of  files 

•  Data  compression  options  provide  for  rapid 


SUNGARD 

RECOVERY  SERVICES 
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Computerworld  Focus 

Post  Office  Box  300 
Dalton,  MA  01227-9882 


Funny  how  the  greatest  success  stories  always  seem 
to  hinge  on  some  special  combination. 

The  bat  And  the  hitter. 

The  song.  And  the  singer 

The  IBM  9370.  And  VMCENTER II. 

The  9370’s  potential  lor  greatness  has 
never  been  in  doubt  But  it  takes  more 
than  potential  to  make  departmental 
systems  run  smoothly  throughout 
large  organizations. 

What  it  takes-is  VMCENTER  II. 


THE  ACCESS 
USERS  NEED. 
THE  CONTROL 
YOU  NEED. 


VM  CENTER  II 
AND  THE  9370= 

I  Equally  important ' 
vastly  reducing  the 

A  HARD-HITTING 
COMBINATION. 


KM 


VMCENTER  II  is  VM  Software’s  newest  most  comprehensive 
answer  to  the  systems  management  needs  of  the  VM  operating 
environment-the  environment  best  suited  to  the  overwhelming 
majority  of  9370  users. 

In  one  easy-to-use  package,  VMCENTER  II  brings  computing 
power  to  the  people  who  need  it  at  every  organizational  level. 
Equally  important  VMCENTER  II  helps  maintain  strong  central  control  while 
vastly  reducing  the  tasks  traditionally  faced  by  data  processing  professionals  in 
interactive  user  environments. 

System  security.  DASD  management 
Performance  monitoring  Project 
accounting  They  may  sound  mundane.  But  they’re  critical 
to  smooth-running  applications.  And  VMCENTER  II  takes 
care  of  them  all-plus  a  lot  m 
All  this  while  users  are  enjoying  ^ 
dependable,  easy  access  to  a  system  that  performs  at 
its  peak,  day  after  day.  And  even  helps  them 
plan  ahead  for  future  needs. 

THE  POWER.  The  9370  marks  a  great  opportunity 

AND  THE  for  your  entire  organization.  But  to  make 

GLORY  the  most  of  it  there’s  nothing  like  VMCENTER  II. 

After  all,  VMCENTER  II  is  based  on  the  original 
VMCENTER-the  world’s  leading  VM  data  center  manage¬ 
ment  system.  And  it’s  loaded  with  new  features  specifically  designed 
for  departmental  environments. 

The  result  is  a  system  that’s  a  potent  partner  for  the  9370.  A  sure  way  to  simplify 
major  transition  for  your  organization.  And  an  all-round  clutch  performer  that’ll 
make  you  look  good  for  choosing  it  j  q/X/A 

VMCENTER  II.  For  more  information  call  rOUUOOZ’l  IUU 
(In  Virginia  or  outside  the  Continental  U.S.  703-264-8000).  Or  write  VM  Software,  Inc. 
1800  Alexander  Bell  Drive,  Reston,  Virginia  22091. 

VMCENTER  II  FROM  VM  SOFTWARE,  INC 
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It  never  fails.  Every  few  years  Stratus 
comes  out  with  a  new  generation  of 
fault-tolerant  computers  whose  price/ 
performance  and  reliability  are  a 
source  of  astonishment  to  our  market 
and  a  source  of  embarrassment  to  our 
competitors. 

This  year  is  no  exception. 

With  the  introduction  of  our  new 
XA2000  family,  Stratus  now 
offers  the  best  performing,  most 
powerful  fault-tolerant  computer 
systems  in  the  world.  Systems 
powerful  enough  to  handle  the 
largest  on-line  transaction  pro¬ 
cessing  applications  with  the 
lowest  cost  per  transaction  in  the 
industry.  Systems  with  more  comput¬ 
ing  power  than  ever  before,  enhancing 
the  performance  of  what  was  already 
the  world  's  most  reliable  architecture - 
hardware-based  fault  tolerance. 

Our  new  Model  140,  for  example, 
can  execute  over  50  transactions  per 
second.  That  's  more  than  three  times 
the  processing  power  of  a  Stratus 
XA600 -  which  up  till  now  was  the 
most  powerful  hardware-based  fault- 
tolerant  system  you  could  buy.  And 
if  you  did  buy  one,  don't  worry:  all 
Stratus  computer  systems,  old  and 
new,  are  completely  compatible. 


Stratus  XA2000  performance 
becomes  even  more  impressive  when 
you  begin  adding  systems.  In  fact, 
you  can  interconnect  thousands  of 

INTRODUCING  THE 
STRATUS  XA2000  FAMILY. 


THE  WORLD’S 
MOST  RELIABLE  COMPUTER 

JUST  GOT  THREE  TIMES 
MORE  POWERFUL 

Stratus  computers  into  local  and  wide 
area  networks  for  virtually  unlimited 
performance. 

Upgrading  couldn't  be  easier.  Or 
faster.  Because  all  you  do  is  add 
boards.  You  can  even  do  it  while  the 
system  is  running. 

And  the  unique, '  open-ended” 
architecture  of  our  new  XA2000  gives 
you  the  flexibility  to  begin  building  your 


foundation  now  for  the  more  sophisti¬ 
cated  applications  you’ll  be  running 
years  from  now. 

OurXA2000  family  includes  four 
totally  compatible,  instantly  upgrad¬ 
able  computer  systems:  the  Models 
110, 120, 130,  and  140.  Each  more 
powerful  than  the  one  before 
it.  And  each  years  ahead  of  its 
time  in  speed,  upgradability, 
reliability,  and  above  all,  price/ 
performance. 

All  this  from  a  company  that 
enjoys  the  highest  level  of  cus¬ 
tomer  loyalty  in  the  industry: 
a  recent  independent  survey 
of  some  of  our  customers 
revealed  that  100%  of  those  surveyed 
would  not  even  consider  changing 
computer  companies. 

So,  for  complete  information,  con¬ 
tact  your  local  Stratus  sales  office,  or 
call  Peter  Kastner  at  (617)  460-2192. 

Because  you  may  not  see  another 
computer  like  this  until  the  21st  century. 
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or  sorry. 

CA-TOP  SECRET™  represents  a  major 
advance  in  MVS  and  VSE  security  systems. 
Its  comprehensive  scope,  exceptional 
auditing  capabilities,  intelligent  design,  ease 
of  implementation  and  ease  of  use  make  it 
without  question  the  system  of  choice  over 
anything  else  available  on  the  market  today. 

You  get  total  security  And  you  get  total 
support  as  well — on-site  consulting  and  on¬ 
line  HELP — and  tutorials  when  you  buy  it 
as  part  of  CA-UNICENTER™,  the  modular 
system  designed  to  automate  all  data 
center  functions.  CA-TOP  SECRET  and 
CA-UNICENTER— total ' 
security  within  a  totally  if*  : 

automated  data  center.  ^  '  ”  >  l* 

A  complete  solution  and  ■vsr> 
only  Computer  Associates  Ujl  -  *  j  t. 
can  deliver  it  today.  ■ 

Be  safe  instead  of  Ka*> '  * '  V  ."Si 


800-645-3003. 


aOMPUTER 

bSSOCIATES 


11530-4787 


ECUR1T 


Fault  tolerant 


NCR  Corp. 

ter  market.  PO 
same  time.  NCR  is  helping  push 
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niche  applications  such  as  la- 

trant  Tolerant  Systems,  Inc.  < 
San  Jose  is  ambitiously  aiming  i! 


Passwords 
made  safer 


The  World’s  Smallest  Big  Idea 
In  PC  Data  Protection...New  worn  Liebert. 


ce  groups  the  world. 


The  Acknowledged  Power 
In  Data  Protection. 

Liebert 


SECURITY 


Data  Physician  treats  viruses 


Apollo  Computer.  Inc.,  this  oc¬ 
currence  is  a  rite  of  initiation  for 
new  employees,  two  engineers 


gninUed  employees  have  an  easy  Data  Physician,  a  $49.95  pack- 

Al  the  same  time,  searching  When  the  PC  boots  up.  the  prod- 
for  the  minute  defective  code  is  uct  works  by  monitoring  files 
akin  to  looking  for  a  needle  in  a  that  have  been  listed  by  the  user, 
haystack.  The  problem  is  often  Hansen  explains.  If  the  file  is  cor- 
compounded  by  the  fact  that  the  rupted,  Data  Physician  gives  the 

electronic  bulletin  boards  or  mi-  One  weakness  of  Data  Physi- 


Lock  or  shred  your 
data  cares  away 


electronic  data. 

‘•Generally,  only  a  small 


Hansen,  president  of  Minneapo-  i 

lis-based  Digital  Dispatch.  Inc.,  a  t 

software  development  firm.  The  I 


the  Los  Angeles  department  of 
water  and  power.  The  depart-  | 


package  that  skirts  this  problem. 


mercially  available  alternative 
monitor  and  regulate  the  use 


disks."  tion  for  the  engineers  ai  Digital  ! 

A  major  problem  for  systems  Dispatch.  "After  reading  about  I 


what  a  firm  needs,  Paper  is  much  MIS  will  also  need  to  consider 

tougher  than  disks  or  tapes,  how  completely  it  needs  waste 
While  paper  will  easily  survive  broken  apart.  A  simple  shredder, 
temperatures  of  350  degrees  which  reduces  a  document  to  a 


Feds  look  to  secure  ports 
through  Tempest 


(  (UL)  standards  for  the  protec-  cr  media  to  a  fu 
tion  of  magnetic  media.  The  lev-  firm  that  makes ! 
•  el  of  protection  required  for  the  Security  Enginet 

!  Class  I25!  °  6  **  *  This  company  r 

Underwriters  Laboratories  known  as  "disint 
tests  safes  by  locking  them  and  An  SEM  dis 
placing  them  m  a  furnace.  The  tains  a  cutting  cl 


such  as  IBM.  Digital  Equipment 
Corp.  and  Wang  Laboratories. 

pest-certified  workstations  for 

deal  of  time  and  money  shielding 
their  equipment  in  order  for 

tensive  National  Security  Agen- 

stamped  Tempest-approved  and 
placed  on  the  government's  Pre¬ 
ferred  Products  List. 

Russ  Aldrich,  manager  of  Com¬ 
munications  and  Special  Sys¬ 
tems  at  San  Jose.  Calif.-based  Al¬ 
tos  Computer  Systems.  Inc.,  one 
of  the  newer  Tempest  vendors 

number  of  government  agencies 

mem.  Users  include  such  heavy¬ 
weights  as  the  Department  of 
Defense,  the  Federal  Bureau  of 
Investigation  and  the  Central  In¬ 
telligence  Agency. 


o  ships  and  airplanes  and  elec*  i 
magnetic  pulse  |EMP]  sys-  1 
us,  also  called  EMP-hardcned  < 


While  EMP  systems  prevent  ra- 
tems.  Tempest  keeps  radiation 

Computers  meet  politics 

eliminating  electromagnetic 

shielding),  produced  by  all  auto¬ 
matic  data  processing  equip¬ 
ment.  that  could  be  illegally 
monitored  and  deciphered.  Teni¬ 
ers,  politics  and  espionage  meet. 

Security  also  has  a  price.  Al- 
dnch  says  that  Tempest -certify- 
ing  a  system  will  roughly  double 
its  final  price.  It  can  also  take  a 


sued  by  the  Defense  Depart 

Could  Tempest  eventually  m-  ! 

"If  you  consider  Tempest  as 
just  one  of  several  possible  secu- 


emment's  Preferred  Produo 

Systematics  General  Corp.  1 
Sterling,  Va.r  has  used  App 
Computer.  Inc.’s  Macintos 


certified  desktop  publishing  sys¬ 
tem;  VCA  Corp.  of  Reston.  Va. 
has  introduced  a  Tempest-ap- 
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Security 

in  the  first  degree 


BY  MICHAEL  TUCKER 

For  a  while,  data  security  was  a  relatively  simple  problem  with  a  relatively  simple  cure.  MIS 
just  took  the  mainframe,  plus  the  assorted  tapes  that  ran  on  it  and  locked  it  all  in  the  data 
center.  For  a  slight  additional  investment,  MIS  could  even  obtain  an  intelligent  user  authori¬ 
zation  subsystem  —  an  armed  security  guard. 

Then  came  distributed  processing,  global  networking  and  the  personal  computer  with  attached 
modem.  Suddenly,  data  security  became  infinitely  more  complex.  Sensitive  information  could  be 
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rity  Corp.,  located  in  : 
fers  the  Tragnet  Sec 
(SCID).  which  bring 


ire  only  upgrades  of  authorized  personnel  out  of  DP  areas. 

lost  vendors  com-  be  obtained  from  vendors  such  as  Finger- 
iort  of  hardware  us-  matrix,  Inc.,  of  N.  White  Plains,  N.  Y. ,  and 
their  systems  or  Indentix,  Inc.,  of  Phlo  Alto.  Calif.  Each 

nah  Datacom  Secu-  identify  users  by  comparing ; 


and  you  hand 
the  princely 


the  princely  sum  of  $3.50  an  I 


a  Tragnet  SCID  and  a  PIN  to  CT__ .  _ . 

The  user  dials  in  the  PIN.  and  the  2000  i 

challenge  code.  The  SCID  then  returns  a  s 
DES-encrypted  response.  If  everything 


In  an  age  when 
communications  managers 
will  use  multiple  channels  of 
communication  —  routing 
data  around  failed  nodes  or 


plate  stored  in  a  system  memory.  The 
Fingermatrix  product  costs  $3,500,  while 
the  Indentix  product  costs  $5,000.  Inden- 

that  would  fit  into  a  PC’s  expansion  slot. 


put  Fort  Knox  to  shame. 


explains  Charles  E.  Rsrkins,  se 
pervising  consultant  with  Balti 


ifrared  light  and  the  data?  W 


.......  peaking,  an  MIS  problem.  It 

s  a  corporate  problem.  The  theft  of  data 
s,  in  the  end,  no  different  than  the  theft  of 


through  simple 


I/O,  I/O 

Its  Off!) Work 
We  Go. 


Jack  Bologna,  president  of  security  con¬ 
sulting  agency  Computer  Protection  Sys¬ 
tems.  Inc.  "Something  that  is  part  of  the 


can  get.  Some  of  the  experts  talk  about 


Introducing  THe  Harris  HCX-9  Computer 

It's  no  fairy  tale.  And  it's  easy  to  port  software  to  the  HCX-9, 

Our  new  UNDC™-based  Harris  HCX-9  ,  if  it's  not  already  in  our  catalog.  In  short  the 

eliminates  your  I/O  bottleneck.  Because  it  . 

can  serve  more  users  and  execute  more 
transactions,  with  faster  response.  That 
should  make  you  whistle  while  you  work. 

Th»  MTY-fl  foatiin*  tho  inrWrv  ctarvh 


ul.  Find  out  how  the 


SECURITY 

MANAGEMENT  STRATEGIES 


A  new 
vigilance 

Security  has  piqued 
the  interest  of  MIS 
and  management  at  all  levels 


BY  STAN  KOLODZIEJ 


A 


s  if  MIS  managers  don’t  have  enough  work  dealing  with  applica- 
is  backlogs,  fielding  user  complaints  and  grooming  them¬ 
selves  to  become  chief  information  officers,  they  must  also 
shoulder  the  growing  chore  of  computer  security. 

Safeguarding  systems  is  no  mean  task.  Computer  security  runs  the  gamut 
from  individual  passwords  and  data  access  controls  to  multimillion-dollar 
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The  selling  job  has 
paid  off,  but  the  flip 
side  of  extra  security 


Are  you  doing 
anything? 

A  Big  Eight  firm’s 
computer  security 
survey  results 


BY  TONI  B.  FISH 


While  managers  realize  the  benefits  of  computers, 
it  has  been  only  recently  that  they  have  begun  to 
recognize  the  flip  side  of  computerization  —  the 
dangers  associated  with  breaches  in  computer  security. 

For  many  years,  information  security  was  almost  exclusively  a  con¬ 
cern  of  military-related  organizations  and  the  banking  industry.  Now, 
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S  E  C  U  R  I  T 


EMPLOYEE  CRIME 


Insider  crimes 

threaten  corporate 
well-being 


BY  MARTIN  NABUT 

The  whole  notion  of  computer  security  has  a  quality  of  intrigue.  It  conjures  up  ideas  of 
industrial  espionage,  no-holds-barred  competition,  laptop, -toting  terrorists  and  other 
felons  playing  fast  and  loose  with  sensitive  information  belonging  to  banks,  corpora¬ 
tions  and  government  agencies. 

But  many  executives  say  those  ideas  are  more  suited  to  spy  novels  than  to  reality.  The  fact 
is  that  despite  the  increase  in  personal  computer-to-mainframe  links,  in  spite  of  local-area 
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DISASTER  RECOVERY 
PLANNING 


MOSAIC  COMPUTER  SECURITY,  INC. 
(617)  491-2434 


The  disaster  business 
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DISASTER  RECOVERY 


;»  grave  indeed.  Companies  deal- 


company  has  to  pro-  hundreds  of  thousands  of  dollars 


lor  instance,  pegged  the  cost  of 

cal  large  insurance  company  at 
S275.000  a  day  3nd  for  a  typical 
'  a  catastrophic 


Some  companies  simply  have 
lients  to  ignore  disaster  plan- 


Fidelity  invests  in  leased  hot  site 


The  statistics  all  earn1 
the  same  message: 
Computer  disaster 
equals  financial  chaos. 
If  the  message  is  a 
scare  tactic,  then  a  lot 
of  firms  are  watching 
their  steps. 


Depository  Trust  is  a  cooper¬ 
ative  venture  of  600  securities 
firms  and  has.  for  all  intents  and 
purposes,  done  away  with  paper 


hers  a  computerized  book  entry 
system.  The  actual  security  doc¬ 
uments  remain  in  Depository 
Trust's  vaults.  Understandably, 


president  and  data  security  offi- 

vices.  Inc.,  headquartered  in 
Minneapolis, 
real  damage, 
how  vulnerable  we  were." 

*t  Lucey.  president  of 


I  (FCPA).  a  rather  misleadingly 
i  named  piece  of  legislation  that 
enjoins  all  U.S.  companies  to  es- 
i  accounting  controls  as  a 
necessity.  Part  of  this 
thrust  in  corporate  accountabil- 


Dianne  C 
the  Long  Beach.  Calif.-based  As- 
'  Contingency  Plan- 
nyone  that  has  any  gov- 


MOSAIC  COMPUTER  SECURITY,  INC. 

_ (617)  491-2434 _ 


computer  rooms  have  an  array  of  weapons 
to  combat  disaster:  Halon  fire-retarding  sys¬ 
tems.  water  detectors  under  the  floors,  ac- 

temal  door  and  enough  power  from 
generators  to  run  the  computers  indefinitely 
in  the  event  of  a  power  failure, 

‘‘Part  of  disaster  recovery  is  planning  to 
avoid  disasters  in  the  first  place,”  explains 
Liz  Foote,  director  of  systems  management 
for  Fidelity,  the  country's  second-largest 
purveyor  of  mutual  funds. 

If  anything  does  go  wrong,  though.  Fi¬ 
delity  is  ready.  The  managers  and  staff  would 
pick  their  tapes  up  from  the  previous 
night's  backup,  which  is  stored  off -site,  and 

Since  June  1983.  Fidelity  has  contracted 
with  Sunguard  Recovery  Services.  Inc.,  a 
Wayne.  Pa.,  firm  that  provides  hot  sites  and 
disaster  recovery  consulting  services.  "We’d 

the  operating  system  and  some  necessary- 
software.  Then  we’d  start  restoring  appli¬ 
cations  that  are  data  specific  to  a  particular 
business  entity."  Foote  says.  Critical  oper¬ 
ations.  like  Fidelity's  discount  brokerage  and 
mutual  funds  services,  would  be  booted  up 
first ,  followed  by  less  time-dependent  finan- 

Fidelity  is  an  IBM  mainframe  shop  that 
has  two  3090  Model  400s  and  two  3090 
Model  200s  running  all  the  time.  The  facili¬ 
ties  at  Sunguard  match  headquarters's  close- 

cause  the  site  is  not  as  big  as  we  are,  but 
there  are  also  things  we  wouldn't  have  to 
process  if  we  were  in  disaster  recovery  mode 
(such  as|  lots  of  reports.  We‘d  shed  those 
noncntical  operations.”  Foote  says. 

Since  1983,  Fidelity's  MIS  department 
has  conducted  on-site  testing  at  Sunguard. 
Four  weekends  a  year,  representatives 
from  each  department  in  MIS.  making  up  a 
group  of  10  to  30  people,  go  to  Philadelphia 
and  restore  operations  from  backup  tapes. 
Aided  by  colleagues  in  Fidelity's  Dallas.  Salt 


handled  accurately  and  completely.  Accord¬ 
ing  to  Foote.  ‘‘It's  basically  just  like  running  a 
mini-Fidelity  in  Philadelphia  for  a  couple  of 

pletely  different  firm  the  next  day. 

Testing  has  grown  more  and  more  com- 


bility  that  in  March  1983.  the  same  month 
Foote  presented  the  plan  to  senior  manage- 

was  approved,  and  the  first  test  at  Sunguard 
Fidelity  looks  at  expenses  for  recovery 

Fidelity,  which  has  its  soul  tied  to  DP.  a  large 

The  advantages  of  a  rented  hot  site  over 


importantly,  the  ability  to  test  the  system 
before  it  is  needed.  Foote  says.  And  what  are 
the  advantages  for  Fidelity  of  a  rented  hot 
site  like  Sunguard's  over  maintaining  its  own 
'The  cost  of  maintaining  a 
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If  a  company  does  no 
have  adequate 
communications 
planning,  it  does  not 
have  adequate 


Fire  tests  Canadian  firm’s  disaster  plan 


This  revolutionary  new  Printer  On-line  Paper  Processing  System  (POPP)  by  Hunkeler  can  maximize 
your  laser  printer  s  capability  and  improve  your  paper  handling  six  ways: 

1  InOTase^Productivity-Ai^olpaper  J  Rapid  Return  on  Investment  Aithr  ^  LowerP^KrCosts-sysMmdeSsn  ■■  ■  A 

tlAIbgrapthDes 
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Site  uptime 
management 

An  ounce  of  disaster 
prevention  is  worth 
a  pound  of  cure 

BY  KENNETH  BRILL 

In  addition  to  planning  for  disaster  recovery,  MIS  must  eliminate  or  minimize  the  potential  for  disaster 
in  the  first  place.  By  maintaining  a  state  of  preparedness  for  both  people  and  systems,  MIS  can  help  its 
organization  skirt  a  catastrophe. 

The  capacity  for  avoiding  disaster  is  the  result  of  a  carefully  thought-out  management  process  called 
“site  uptime  management.”  In  a  new  facility,  site  uptime  management  begins  with  a  critical  yet  deceptively 
simple  conceptual  engineering  block  diagram  that  lays  out  equipment  choices  and  capacities,  bypassing 


WE’RE  THAT  MOBILE 

^DISASTER  RECOVERY  COMPANY 
YOU'VE  BEEN  HEARING  ABOUT 


10  Mobile  Computer  Ready  Environment 
10  Hardware  Independent 


PROMDENT 

RECOVERY  SYSTEMS 
Corporate  Headquarters 
1 10  MucKenan  Drue.  Cary.  \’C  JFN I 
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and  Data  Processing 

City  and  County  of  San  Francisco 

Age:  58 

Budget:  $30  million 
Cross  Country  Skier 


users  of  -  spective  meshes  dosely  with  the  way  he  does 
business,  covering  everything  from  mainframes 
itly  to  micros,  software  and  state-of-the-art 


ith  the  first  computerized  fingerprint  matching  technologies. 

- (2H  now  be  matched  in  Information  Services  is  full  of  bright 

:es— a  far  cry  from  the  4  weeks  viduals  with  individual  visions.  Yet  they  all  se 


As  the  City  and  County  of 
San  Frandsco  has  discovered, 
there's  only  one  sensible  way 
to  evaluate  and  integrate 
products  into  one  cohesive 


required  to  do  the  job  by  hand.  Already,  the  sys¬ 
tem  is  credited  with  helping  solve  some  40  major 
unsolved  crimes. 

Today,  Henry  is  in  the  process  of  evaluat¬ 
ing  both  existing  and  potential  vendors  of  minis 
and  micros— and  maintaining  an  approval  list  of 
vendors  for  purchases  made  throughout  the 

,  EvervcomDuter-relatedexpendi- 


Their  favorite  newspaper. 
Computerworid. 
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Don’t  get  locked 
into  too  much 
security 


BY  REBECCA  HURST 

If  a  high-speed  computer  zipping  through  data  transactions 
is  as  sexy  as  a  Porsche  turbo,  then  the  security  it  requires 
has  all  the  attraction  of  auto  insurance.  It  costs  money, 
and  you  may  or  may  not  ever  need  it. 

With  few  visible  benefits  linked  to  security,  most  DP  and 
MIS  professionals  want  to  implement  a  sufficient  degree  of 
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SYSTEM  TRADE-OFFS 


“More  and  more,  our  company  is  using  PCs  for  sensitive  data.  Our 
corporate  philosophy  is  that  access  should  be  provided  on  a  need- 
only  basis.  We  want  to  secure  information  from  prying  eyes.” 


Howdoyoufindac 


Consider  that  you  are  David  Tuckman  and 
you’re  a  business  consultant.  Your  clients 
want  to  knowr  this:  How  does  a  company  sur¬ 
vive  an  operational  breakdown?  Knowing 
that  breakdowns  mean  profit  losses  and  anx¬ 
ious  customers,  your  reputation  depends  on 
finding  solid 

answers  AIM’ COOICS  thtOUgh 

for  David  Tiidamn 
throughfor  withtheConsuhant 

David  with  LaecttltogFgte 

the  AT&T 

Crisis  Management  solution,  featured  in  the 
AT&T  Consultant  Liaison  Program. 

By  working  together  with  AT&T  you  can 
design  a  proposal  to  show  your  clients  how  to 
forestall  a  crisis  situation  entirely:  or  recover 
quickly: 

for  example,  AT&T  works  with  “Hot  Site" 
vendors  who  can  supply  your  clients  with 
backup  facilities  that  mirror  their  computer’s 
normal  operations.  And  our  AT&T  ACCUNET* 
family'  of  Digital  Services  allows  your 
clients  to  create  a  link  with  remote  facilities 
and  their  terminals.  And  these  links  can 
operate  at  speeds  of  up  to  1.544  megabits 
per  second. 

What  about  presentation?  W  can  show 
you  how  to  integrate  these  services  into  your 
proposals.  So  you're  even  better  prepared  to 
make  informed  strategic  recommendations 
And  that  gives  you  the  edge  over  your 
competition. 

How  do  we  follow  up?  You  have  an  added 
plus  in  our  AI&T  Product  and  Network  Appli¬ 
cations  Manuals  (both  available  for  a  small  fee). 

So  hew  do  you  find  a  crisis  before  it  finds 
you?  With  the  AT&T  Crisis  Management  solu¬ 


tion,  part  of  the  AT&T  Consultant  Liaison 

Prqgram.YouTl  find  a  variety  of  solutions 
for  whatever  troubleshooting  your  clients 
may  need. 

Rom  equipment  to  networking,  from 
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Tinker, 
tailor, 
network 

BY  JOHN  VACCA 

The  increasing  popularity  and  population  of  micros  present  many  problems  and  risks  for  MIS.  With 
systems  spread  among  a  variety  of  users,  far  from  MIS's  supervision,  micro  users  can  easily  inflict 
serious  damage  to  a  network  either  through  unwitting  misuse  or  through  intentional  fraud  or  sabo¬ 
tage.  As  companies  replace  dumb  terminals  with  micros  to  allow  mainframe  access  and  help  mitigate  the 
data  processing  burden,  the  potential  for  network  security  problems  and  risks  increases. 

Companies  can  minimize  the  chance  of  intrusion  through  protective  devices  and  procedures  and  through 
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SECURITY 


TECHNOLOGY  INSIGHT 


be  conducted,  not  for  the  purpose  of  pre¬ 
vention  but  for  detection  of  any  lost  or  al¬ 
tered  data  soon  after  the  fact. 

MIS  should  re 


urn  number  of  personnel. 
Also,  MIS  should  institute 
he  purpose  of  audit  trails  i 


terminals,  ti 
message  types  and  counts  received  for 
comparison.  For  applications,  include  dai- 


ssages  generated. 

1  on  protecting  acce 


A  smarter 
smart  card 

etworits  pose  specjal  secuntv 


The  first  ch; 
I  ;  belong  on  the  r 


W)rid  is  bigger  than  your  budget. 


Anyone  who  gets  his  hands  or 


SECURITY 


Justice 
and  data 
for  all 


Information  managers  will  not  take  data  base  censorship  lying  down.  That  is  the  message  the  Informa¬ 
tion  Industry  Association  and  other  organizations  have  made  clear  to  the  U.S.  government  by  success¬ 
fully  challenging  a  policy  directive  from  former  National  Security  Agency  director  John  Poindexter.  In 
November  1986,  Poindexter  issued  a  policy  giving  the  government  power  to  supress  information  it  deemed 
“sensitive  but  unclassified.”  This  policy  was  based  solidly  on  the  two-year-old  National  Security  Decision 
Directive  (NSDD)  145  that  outlined  similar  powers  for  administrative  agencies.  However,  information 

industry  leaders  identified  the  policy  as  a  threat  tion  would  protect  information,  Fountaine  said,  and  suggest  control  methods.  "The  Air  Force 
to  privacy  and  freedom  of  speech,  particularly  but  what  information  within  government  and  in-  was  the  most  confident,”  he  observes.  "They 
for  public  data  bases.  Shocked  and  indignant,  dustry  it  would  protect.  Beyond  this  statement,  asked.  ‘Can  you  do  this?  Can  you  monitor 
they  quickly  brought  the  policy  to  the  light  of  though,  she  offered  little  detail.  “Fountaine  that?’  " 

public  scrutiny  that  lead  to  the  policy's  rescision  didn't  give  specific  examples  and  wouldn’t  even  Later,  the  Air  Force  published  a  report  on 
earlier  this  year  (see  story  on  government  regu-  tell  us  what  the  administration  planned  to  do,"  Mead.  Simpson  recalls.  "I  asked  if  I  could  see  it 


lations,  page  47).  Allen  says.  “I  was  very  dissatisfied.” 

Days  after  Poindexter  issued  the  directive.  For  Jack  Simpson,  who  also  attended  that 
more  than  100  members  of  the  Information  In-  meeting,  the  implications  became  disturbingly 

dustry  Association  (IIA)  sat  amazed  as  Diane  clear.  Simpson,  president  of  Mead  Data  Cen- 

Fountaine,  who  heads  the  Pentagon's  informa-  tral,  a  Dayton.  Ohio-based  supplier  of  such  data 

“I  was  greatly  distressed,”  recalls  Kenneth  ing  the  U.S.  Air  Force,  Central  Intelligence 

Allen,  the  IIA’s  vice-president  for  government  Agency  and  Federal  Bureau  of  Investigation,  to 

say  that  the  Pentagon  wasn’t  concerned  about 
public  data  bases.  Instead.  I  heard  just  the  oppo- 


The  situation  has  been  sticky.  Simpson 
ie  government,  including  the  White  House. 


Public  outcry 
foiled  a 
federal  policy 
that  limited 
privacy 
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Even  though  NSDD 145  does  not  provide  the  government  with 
legal  authority  to  institute  information  sanctions,  the  perception 
that  it  has  this  authority  can  be  equally  threatening.  “The 
government  is  like  a  6,000-lb  gorilla.  When  it  moves,  you  don’t  ask 
if  it  has  the  right  to  do  so;  you  move  out  of  the  way.” 


Repealing  the  policy  was  a  step  in  the 
;ht  direction,  but  many  industry  leaders 


:h.  Davis.  Birch  &  Murphy, 
ays,  "The  fact  that  the  ad- 
rescinded  the  directive 


Start  your 
subscription  now, 
and  save  $9! 

JUST  6W  AN  ISSUE 

For  over  20  years,  COMPUTERWORLD  has  covered  the 
ever-changing  field  of  information  systems  like  no  one 
else.  And  we’re  moving  into  the  next  generation  of 
technological  advances  with  an  expanded  staff,  more 

top— and  slightly  ahead — of  new  developments.  Join 
the  celebration!  One  full  year  (51  issues)  costs  just  S35, 
a  savings  of  S9  off  the  basic  rate,  and  only  69*  an  issue! 


—for  subscribers  only! 


PLUS 

A  FREE  MAGIC  MUG 


What's  a  20th  Anniversary 
Celebration  without  some- 

This  unique  COMPUTER- 
WORLD  coffee  mug  features 


to  COMPUTERWORLD. 


Subscribe  today  by  returning  the  order  form 


SECURITY 

GOVERNMENTAL  CONTROLS 


DES  gets  an  encore 


M: 


to  work  on  its  CCEP  algorithms, 
i  it  will  already  work  with  the  NSA  i 


mental  power  over  private  secu- 
.  .ty.  A  victory  for  the  U.S.  private  sector 

(NSA)  overturned  its  previous  state¬ 
ment  of  direction  and  agreed  to  support 
the  Data  Encryption  Standard  (DES)  — 
at  least  for  a  few  years. 

A  year  and  a  half  earlier,  the  NSA  had 

dorsement  of  DES.  Instead,  the  agency 
planned  to  replace  DES  with  an  encryp- 


:  it  would  have  on  U.S.  bu 


Calif.-based  Security  Pacific  Nat 


While  some  of  the  CCEP  algorithms  are 
applicable  to  part  of  banking's  processing. 

other  areas.  In  addition,  the  NSA  wants  to 
generate  and  manage  the  keys  that  de¬ 
crypt  these  CCEP  security  systems.  "If 
we  had  to  go  to  the  NSA.  the  cost  over- 


classified  data,  which  would  primarily  b 
used  by  the  government,  he  comments 
Without  a  fully  developed  set  of  algo 
rithms  from  the  NSA,  DES  is  the  only  e 
crypt  ion  standard  that  businesses  have 
Zeitler  says.  “The  fact  that  DES  is  a  na 
tionally  recognized  standard  has  made ; 
big  difference  in  industry,"  he  asserts. 
- >ut  DES,  we  would  be 


mercial  Comsec  Endorsement  Program 
(CCEP).  The  NSA’s  decision  was  not  di¬ 
rectly  tied  to  the  National  Security  Deci¬ 
sion  Directive  (NSDD)  145,  says  Ken¬ 
neth  Allen,  vice-president  for  the 
Information  Industry  Association  (HA). 


from  the  government  to  regulate  s< 
tive  but  unclassified  information. 
The  NSA’s  standards  announce! 


one  size 
does  not 
fit  all! 

Software  tailored 
to  fit  your 
mailware  needs 


OPERATING  SYSTEMS 
YOU  CAN  MiKJK: 


SECURITY 


EFT  PROTECTION 


It’s  in  the  bank... 
or  is  it? 


coins.  Rather,  tapping  into  the  sophisticated  electronic  exchange  systems 
that  are  an  integral  part  of  modern  banking  is  tantamount  to  a  holdup  of 
far-reaching  consequences. 
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rds  developed  under  the 


Data  security  cannot 
be  effective  without 
physical  security. 


jping  hardware  and  soft- 


message  has  changed,  the  MAC  will  be  in¬ 
valid.  This  process  can  be  done  in  soft- 

ployed  by  Chase  Manhattan  Bank  NA  in 


EQUICOR 

TECHNOLOGIES 


Disaster  Recovery  Services 

EQUICORTECHNOLOGIES  “ 


E  CORPORATION 


re  requiring  ANSI  message  auth 


I  Telecommunications  emf 


}  use  data  encryption.  Enc 
'  tsoftheinfoi 
bon,  allowing  only  the  authorized  us« 


readable  form.  Encryption  systems 
work  at  the  word  level  are  called  code 
terns,  while  the  systems  that  work  at 


Slay  the  payroll  tax 
dragon  with  BSI-TAX  from 
Business  Software,  Inc. 
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XEROX 


"Xerox  has  a  range  of 
Electronic  Printing  Systems  that  produce 
10  originals  per  minute  to  120  per  minute. 
And  they  thought  I  was  prolific.” 


Whether  you’re  pounding  out  a  few  pages  Xerox  4050  is  a  laser 

or  putting  out  pages  by  the  pound.  Team  Xerox  sharp  text  and  graph 

has  the  solution  to  jour  printing  problems.  To  TheXerax870l 

Xerox  thaft  more  than  Just  producing  reliable  dand  for  high-uolumr 

printers  Itk  more  than  just  service.  Itk  a  belief  now.  the  new  8790  a 

that  finding  the  solution  to  jour  problems  to  a  new  leueL  These 


The  Xerox  8700  and  9700  set  the  stan- 
for  high-volume  electronic  printing.  And 
the  new  8790  and  9790  take  that  standard 
new  level.  These  high- volume  electronic 


isn't  good  enough  unless  it's  the  exact  right  printing  systems  give  corporate  da 
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Safe  protects 
inl,700°Fheat 


•an  task  that  many  fail  to  com- 
f  percent  of  firms  in  this  pre- 
portedly  go  out  of  business. 

Prime  Solutions  claims  that  the  prod-  The  ba: 

uct  checks  every  byte  on  the  disk,  occu-  Dial-Guard,  Inc.  has  introduced  the  protected 
pied  or  not,  for  the  soft  error  rate,  track  Dial-Guard  on-line  security  system.  interfaces 

lo!*d  kt  ^  Med 

of  East  Rutherford.  NJ.  was 
pecifically  to  protect  floppy 
ipes.  It  reportedly  can  protect 

The  latest  UPS 

over  600.000  KVA  of 
installed  UPS  power. 

Why  UPS 
solid  state  UPS? 

Breadth  and  stability 
are  two  reasons.  Wre 
big,  efficient  and  on 


So  head  crashes,  disappearing  data  and 
board  failures  have  finally  gotten  to  you. 

All  fingers  point  directly  to  a  plague 
of  dirty  power  bugs -incoming  spikes,  sags, 
surges,  transients  and  glitches. 

You're  convinced  that  an  uninterrupt¬ 
ible  power  supply  (UPS)  system  is  the  only 
solution 

Look  before  you  leap.  Now  there  are  two 
UPS  technologies  to  choose  from;  Solid 
State  and  Rotary  State 

Both  provide  die  same  fail-safe  insurance 
Each  has  an  equally  fanatic  following 

EPE  solid  state  UPS 
is  anything  but  static. 

In  fact,  this  all-electronic  UPS  technology 
is  growing  so  fast  that  we've  formed  a 
new  subsidiary.  Ultimate  Bower  Systems:" 
to  efficiently  handle  the  business. 

Annual  world-wide  UPS  system  sales 
from  Ultimate  Fbwer  and  our  joint  venture 
partner.  Merlin  Gerin,  now  total  over  $100 
million  Our  installed  base  over  the  past  16 
years  now  exceeds  10.000  systems.  That's 


State-of-the-art  elect¬ 
ronics  is  another. 

Ultimate  Bower  uses 
the  latest  pulse-width 
modulation  (PWM) 

■.  voltage  regulation  tech¬ 
niques  for  10  times  faster 
response  to  critical  load  changes. 
With  innovative  designs  requiring  fewer  parts, 
system  reliability  exceeds  100.000  hours. 

Installation  and  maintenance  is  easy.  too. 

In  fact,  the  average  system  installs  in  only 
about  four  hours  compared  to  two-to-three 
days  for  some  competitive  units. 

EPE  systems  range  in  size  from  three 


Lr^|ifp:-J 

to  600  KVA.  Six  or  more  modules  can  be 
paralleled  to  increase  ratings  to  3600  KVA 
and  beyond  building  in  fail-safe  redundancy. 

We’ve  caused  a 
revolution  in  rotary. 

EPE  motor-generator  sets  are  not  the  big 
rumbling  cellar  dwellers  of  old  They're 
small  as  reliable  as  static  systems,  cheap 
to  maintain,  quiet  and  run  cool  enough 
to  blend  right  into  your  computer  room. 


ms  are  now  available 
states. 


Full  UPS  protection 
comes  from  Powerbloc 
UPS.  a  unique  off-line 
inverter/battery  module 
At  the  first  sign  of  a 
power  drop,  Powerbloc 
UPS  swings  from  standby 
mode-no  noise  no  load, 
no  heat-to  full  emeigency 
back-up  protectioa 
Generator  “ridethrough' 
inertia  provides  clean 
power  for  up  to  two 
seconds-far  more  time 
than  Powerbloc  UPS 
needs  to  start  providing 
power. 

Powerbloc  is  the  only  UPS 
system  you  can  grow  into. 

Simply  start  with  a  Powerbloc  power 
conditioner  now  and  add  a  Powerbloc  UPS 
later  when  you're  sure  you  need  it  and  can 
afford  it 

Or  if  you  already  have  a  power  condi¬ 
tioner.  simply  add  a  UPS  unit  to  it  Suddenly 
you  11  have  complete  UPS  protection  at  a 


to  power  centers  to  line  conditioners  to  our 
Environmental  Monitoring  Systems  (EMS). 

And  only  EPE  can  provide  the  kind  of 
objectivity  you  need  for  such  a  critical  UPS 
decisioa  Write,  call  or  send  in  this  cou¬ 
pon  today. 

I’m  interested. 


INPUT  ^  | 

!  |  g™. 

~| — g - |  INVERTER  | 

ISf!  ROTARY 

1  i 

— i — - 

!  STATE 

[_  1 

-RAmRV  ] 

One-UPS-manship. 

Regardless  of  which  UPS  state  you  prefer 
only  EPE  offers  both. 

Only  EPE  has  a  broad  product  line  from 
switchgear  to  loadbanks  to  transformers 


initial  call-in;  and  pass-through 
j  access  mat  connects  authorized  users  di¬ 
rectly  to  the  host  without  callback. 

The  VA930  is  priced  at  $2,995. 
Racal-Vadic.  1525  McCarthy  Blvd  . 
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Concurrent  "Multi-Mode"  Operation  on  EACH  Lin 
Utilization  Monitoring  for  Network  Analysis 
Automatic  Log-On  to  Host  using  “Token"  ID 
Automatic  Session  Log-Off  Upon  Disconnect 
Completely  Programmable  System  Configurator 
Comprehensive  Audit  Trail  in  ALL  Modes 
Universal  Hardware  Compatibility 
and  much  more... 


June  14-20 


Network  Design.  New  York, 
June  22-24  —  Contact:  Systems 
Technolog>’  Forum.  Suite  150, 
10201  Lee  Highway.  Fairfax. 


Local  Communications  Sys- 

Contact:  Systems  Technology 
Forum.  Suite  150,  10201  Lee 
Highway.  Fairfax,  Va.  22030. 

The  National  Computer 
Conference  (NCC).  Chicago. 
June  15-18  —  Contact:  NCC 
'87,  American  Federation  of  In¬ 
formation  Processing  Societies, 
Inc.,  1899  Preston  White  Drive. 

The  Third  Internationa]  In¬ 
tegrated  Services  Digital 
Networks  Exposition.  Atlan¬ 
ta,  June  15-19  —  Contact: 
Christopher  Kennelly,  Informa¬ 
tion  Gatekeepers.  Inc.,  214  Har¬ 
vard  Ave.,  Boston,  Mass.  02134. 

Telecommunications  Man¬ 
agement.  Dallas.  June  17-19 


agement  Software:  How  to 

June  18-19  —  Contact:  Business 
Communications  Review.  950 
York  Road,  Hinsdale.  III.  60521. 

IBM  Product  Strategies  and 
Architectures.  Philadelphia. 
June  18-19  —  Contact:  Data- 

Lakeview  Plaza.’ Clifton.  NJ.' 
07015.  Also  being  held  June  25- 
26  in  Boston. 


June  21-27 

Essential  Systems  Develop¬ 
ment:  A  Fourth-Generation 
Methodology.  San  Francisco. 
June  22-24  —  Contact:  Technol¬ 
ogy  Transfer  Institute.  741 
Tenth  St..  Santa  Monica,  Calif. 
90402. 


view,  950  York  Road.  Hinsdale. 


Understanding  and  Select¬ 
ing  Voice  Messaging  Sys¬ 
tems.  Seattle,  June  25-26  — 
Contact:  Business  Communica¬ 
tions  Review,  950  York  Road. 
Hinsdale,  Ill.  60521. 


June  28  July  4 

T1  Networking.  Dallas.  June 
29-July  1  —  Contact:  Systems 
Technology  Forum,  Suite  150. 
10201  Lee  Highway.  Fairfax. 

Voice  /Data  PBXs.  Washing¬ 
ton  D.C.,  June  29-July  1  —  Con¬ 
tact:  Systems  Technology  Fo¬ 
rum,  Ste.  150.  10201  Lee 
Highway.  Fairfax.  Va.  22030. 
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Thomas  Roberts 


Backing  up 
PC  data 


next  issue 


At  Last.  An  Office  Software  System 
for  the  Highest 
Common  Denominator. 


Alis.  Designed  for  the  professional  office. 

If  yourcompany's  success  hinges  on  the  work  of 
professionals,  the  engineer,  the  business  profes- 


Consider  Alis.  The  office  software  system  designed 
specifically  for  the  professional  office. 
It  networks  workstations,  PCs  and  terminals 
company-wide.  So  your  professionals  have  the  time 
to  do  the  job  they  were  hired  to  do,  and  their  staff 
gets  professional-looking  results  quickly  and  easily. 

Spend  more  time  on  the  job.  And  less  on  paperwork. 

Studies  show  that  many  business  and  engineering 
professionals  spend  more  than  50%  of  their 
time  on  administrative  tasks.  Chances  are,  it's 


Reducing  that  pe 


personal  computer  applications. 


Alis  is  available  right  now. 

On  equipment  your  people  use  right  now:  Apollo, 
Compaq,  Digital  VAX,  Hewlett-Packard,  Honeywell, 
IBM  RT  PC,  Masscomp,  NCR  Tower,  and  Sun. 
Chances  are  Alis  can  be  networked  across  them  with 
complete  transparency.  For  example,  VAXs  and 
68000- based  workstations  and  MS-DOS  PCs. 
To  find  out  more,  contact  your  local  representative 
of  the  companies  mentioned  above. 
Or  call  Mike  Beringer,  V.PNorth  American  Sales, 
at  Applix  (617)  870-0300. 


Finally, 


tmmAPPLiX' 

The  integrated  software  system  for  the  professional  office. 

some  answers  in  Wonderland. 

APPLiX,  INC  .  112  TURNPIKE  ROAD.  WESTBORO,  MASSACHUSETTS  01581  (617)  870-0300 


